Integrating websites with database systems to create web pages can require complex security schemes to properly authenticate a plurality of different kinds of users, many of which have different roles in an organization that require each kind of user to require specific access rights. Creating a plurality of user roles with different accesses rights may lead to some website files being accidentally exposed and potentially discoverable by hackers. This may be especially true as the website matures and new files are added and older files become unlinked. For example, certain files may be linked in the web site based on user roles and some older files which are deemed not up to date may be unlinked. These unlinked files may be accidently copied or may reside in an old directory and they are not easily visible to the developer. In this situation, a hacker could initiate a file enumeration attack which is an attack where the aim is to enumerate and access resources that are not referenced by the application, but are still accessible.
An attacker may use brute force techniques to search for unlinked contents in a directory, such as temporary directories and files, as well as old backup and configuration files. These unlinked files may still store sensitive information about web applications and operational systems, such as source code, credentials, internal network addressing, and so on, thus being considered a valuable resource for intruders. Therefore, there is a need for a developer to quickly determine potential security breaches in systems having complex security rules.